LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-29-2017, 09:07 PM   #1
LenHoff
Member
 
Registered: Mar 2017
Posts: 68

Rep: Reputation: Disabled
Repository apps version numbering system


1) For Mint repository version naming (or any similar) what does
"Version: 52.0+linuxmint1+serena" actually mean?
What is the '1' after linuxmint? Does it mean it's v52.0, 52.0.1 or...?

2) Since repository versions are often behind the latest stable dev versions, exactly how are the newest security updates incorporated into older versions (in a repository).

Or are ALL apps as up to date - security fix-wise, as latest dev releases, necessarily? I've read devs complaining that distro XYZ has an old, vulnerable version on the Repo; won't take it off but won't put up the new one, or other scenarios.

3) For huge projects like browsers, office suite & 1000's of apps, how can small distros take all security & kernel code changes & back port them to a previous version? And have the man power to thoroughly test that all new changes work 99.99% - in the older versions?
Or is testing by distros in this aspect not a reality?

I'm sure I don't fully understand, but the staffs of Mint, Fedora, CentOS, etc., are minuscule compared to Mozilla, Google, LOO, etc.

Thanks.
 
Old 03-30-2017, 01:52 AM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 7.7 (?), Centos 8.1
Posts: 17,860

Rep: Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596
The smaller distros rely on bigger ones upstream; eg Centos is basically a free rebuild of RHEL
RHEL (for example) go for stability by sticking to the same major version of an app/service during a given major OS version, BUT they definitely do backport bugfixes and Security fixes - hence the long/complex version nums eg
Code:
Linux  2.6.32-642.1.1.el6.centos.plus.x86_64
Major kernel version (STABLE) 2.6, subver 32, patch 642 sub 1, sub 1 ... for 64 bit processor.
If you really want to read into this, see the RedHat website; its all there in the docs; both the numbering convention and release notes for each version/sub/patch/... etc

Other distros have a similar system...

HTH
 
Old 03-30-2017, 03:03 PM   #3
LenHoff
Member
 
Registered: Mar 2017
Posts: 68

Original Poster
Rep: Reputation: Disabled
I appreciate the info on Linux OS version numbering.
But I asked about meaning of version numbering for 3rd party apps (firefox, etc.) shown in distros' repositories - specifically Mint.
e.g., the specific example I gave.

The version numbering of ubuntu / mint repository, non-OS apps don't have the same info as your Linux example.

I'm trying to understand Mint's repository version numbering for apps, & see how they align w/ devs' version numbers (or if there's any consistent comparison at all).

I also asked about how (any) distro has time for back porting fixes, plus do any testing - * on 1000's of apps * in repositories. Not about a distro's version of Linux OS.
*Any* distro's staff is tiny compared to Mozilla, Google, etc.

Thanks.
 
Old 03-30-2017, 03:13 PM   #4
dolphin_oracle
MX Linux
 
Registered: Dec 2013
Posts: 402

Rep: Reputation: Disabled
in that particular case, It looks to me like its firefox 52.0 plus particular stuff for linux mint. Distros customize certain parts of upstream apps on occasion.

in the mx linux case for firefox, the deb is:

firefox_52.0.2~mozillabinaries-1mx15+1_amd64.deb

with the version

52.0.2~mozillabinaries-1mx15+1

In this case firefox 52.0.2 with mx customizations included.

MX, and I imagine ubuntu and mint as well, should be following the debian version standard, which can be found here: https://www.debian.org/doc/debian-po...ml#s-f-Version
 
Old 03-30-2017, 06:28 PM   #5
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Quote:
Originally Posted by LenHoff View Post
1) For Mint repository version naming (or any similar) what does
"Version: 52.0+linuxmint1+serena" actually mean?
I believe in this case, the version is 52.0.1 and the linuxmint is an indication that it is sourced from Mint and not any further upstream.
 
Old 03-30-2017, 08:29 PM   #6
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 20 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916
Quote:
Originally Posted by LenHoff View Post
1) For Mint repository version naming (or any similar) what does
"Version: 52.0+linuxmint1+serena" actually mean?
What is the '1' after linuxmint? Does it mean it's v52.0, 52.0.1 or...?
The upstream version is 52.0, this being Linux Mint's first packaging of that version of the package for the Serena version of Mint. It isn't v. 52.0.1, as illustrated by my current version 52.0.1+linuxmint1+serena.

Also in my repos is 52.0.1+build2-0ubuntu0.16.04.1, which is again the upstream version of 52.0.1 (Upstream build 2; not a Debian package as defined by the -0), but is the first package of this produced by Ubuntu for 16.04.

For more info:

http://serverfault.com/questions/604...ion-convention (there is an equivalent Ubuntu Policy Manual to the Debian Policy Manual at http://people.canonical.com/~cjwatso...rolfields.html (5.6.12)).
 
Old 03-30-2017, 08:45 PM   #7
LenHoff
Member
 
Registered: Mar 2017
Posts: 68

Original Poster
Rep: Reputation: Disabled
Thanks. That's interesting - (by your example) MX linux has 52.0.2. (Same as Mozilla's latest stable_x64). Mint's main repo only has 52.0 - still, as of 3/30/2017.
That's part of the reason I installed the Mozilla release manually. Mint's v52.0 may have latest bug fixes back ported (don't know to what extent - only critical, high??), but AFAIK don't have latest features or UI, hardware related fixes?

That's the part I don't like about taking what's available in the repo. A bug in earlier version may not be a security risk or crash 50% of users, but it may make some users miserable. The disto version may contain / not contain things in the dev release. Sometimes, changing it back is a PIA.

So far I've found it's a good bit of work to update packages installed manually, say, to /opt.
Some users install Fx or other apps to /home - to get around permission issues & allow easier updating. Doesn't that decrease security - installing to directories w/ full permissions for everyone?

Last edited by LenHoff; 03-30-2017 at 08:48 PM.
 
Old 03-30-2017, 11:28 PM   #8
hydrurga
LQ Guru
 
Registered: Nov 2008
Location: Pictland
Distribution: Linux Mint 20 MATE
Posts: 8,048
Blog Entries: 5

Rep: Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916Reputation: 2916
Quote:
Originally Posted by LenHoff View Post
Thanks. That's interesting - (by your example) MX linux has 52.0.2. (Same as Mozilla's latest stable_x64). Mint's main repo only has 52.0 - still, as of 3/30/2017.
That's part of the reason I installed the Mozilla release manually. Mint's v52.0 may have latest bug fixes back ported (don't know to what extent - only critical, high??), but AFAIK don't have latest features or UI, hardware related fixes?

That's the part I don't like about taking what's available in the repo. A bug in earlier version may not be a security risk or crash 50% of users, but it may make some users miserable. The disto version may contain / not contain things in the dev release. Sometimes, changing it back is a PIA.

So far I've found it's a good bit of work to update packages installed manually, say, to /opt.
Some users install Fx or other apps to /home - to get around permission issues & allow easier updating. Doesn't that decrease security - installing to directories w/ full permissions for everyone?
I don't know which mirrors you are using, but Firefox 52.0.1 came down the pipe to me from the Linux Mint repos on 23/3/17. It was released on 17/3/17. I can cope with that sort of delay. 52.0.2 was released on 28/3/17. To be honest with you, I wouldn't imagine that bug fixes are backported by Mint for Firefox.

I can see where you're coming from though. For most of my software I stick to the repos because it works well for me. However for certain packages I install directly from upstream or PPAs so that I can be more up-to-date.

Last edited by hydrurga; 03-31-2017 at 03:53 AM.
 
Old 03-30-2017, 11:59 PM   #9
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 7.7 (?), Centos 8.1
Posts: 17,860

Rep: Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596Reputation: 2596
My post was just an example (that happened to use the the kernel). The same principles apply to all SW.
Your best bet is to stick to the official repos for your distro. As above, either they (or the upstream as applicable) will have done all reasonable testing to ensure stable secure SW.
However, no-one is perfect, hence the continual updates that appear and the long version numbering...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: LibreOffice clarifies version numbering LXer Syndicated Linux News 0 05-16-2011 07:20 PM
Kernel Version Numbering appilu Linux - Kernel 6 01-20-2011 04:53 AM
Kernel Version Numbering Scheme - Question rrrssssss Linux - General 4 07-29-2007 04:10 PM
Version numbering standard? PsychosisNode Programming 3 08-26-2003 10:55 PM
An interesting fact about version numbering Bluestreak Linux - Software 11 02-16-2003 09:35 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 05:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration